Skill Guard

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The package mostly looks like a legitimate security scanner with a test corpus, but there are internal inconsistencies and embedded prompt-injection / active-exfiltration test files that could be dangerous if executed or blindly followed.

This package appears to be a security scanner that intentionally includes malicious test cases. That design is plausible, but you should NOT run or execute files from the tests/ directory on a production host. Before installing or running:

(1) Verify the scanner's main script (scripts/skillguard.py) by opening and reading it.
(2) Run the scanner only in a controlled environment (VM/container) or with read-only mounts to the codebase you want scanned.
(3) Do not run any scripts from tests/ or any scanned skill; scanning should analyze files, not execute them.
(4) Be aware the scanner will create/modify files under ~/clawd/skills/ (baselines, quarantine) and may move skills to a quarantine directory.
(5) Because the package metadata claims 'instruction-only' while code files are present, prefer to obtain this tool from a trusted source or review the entire repo before use.

If you need higher assurance, ask the publisher for provenance (homepage, repo) or run the scanner in an isolated VM and inspect outputs before allowing it access to live skill directories.

Static analysis

Static analysis findings are pending for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

No visible risk-analysis findings were reported for this release.